Abstract
Since their introduction over two decades ago, side-channel attacks have presented a serious security threat. While many ciphers' implementations employ masking techniques to protect against such attacks, they often leak secret information due to unintended interactions in the hardware. We present ROSITA, a code rewrite engine that uses a leakage emulator which we amend to correctly emulate the micro-architecture of a target system. We use ROSITA to automatically protect masked implementations of AES, ChaCha, and Xoodoo. For AES and Xoodoo, we show the absence of observable leakage at 1 000 000 traces with less than 21% penalty to the performance. For ChaCha, which has significantly more leakage, ROSITA eliminates over 99% of the leakage, at a performance cost of 64%.
Original language | English |
---|---|
Title of host publication | Proceedings 2021, 28th Network and Distributed System Security Symposium |
Editors | David Balenson |
Place of Publication | Reston VA USA |
Publisher | The Internet Society |
Number of pages | 17 |
ISBN (Electronic) | 1891562665, 9781891562662 |
DOIs | |
Publication status | Published - 2021 |
Externally published | Yes |
Event | Usenix Network and Distributed System Security Symposium 2021 - Online, San Diego, United States of America Duration: 21 Feb 2021 → 25 Feb 2021 https://www.ndss-symposium.org/ndss2021/ https://www.ndss-symposium.org/ndss-program/ndss-2021/ (Proceedings) |
Conference
Conference | Usenix Network and Distributed System Security Symposium 2021 |
---|---|
Abbreviated title | NDSS 2021 |
Country/Territory | United States of America |
City | San Diego |
Period | 21/02/21 → 25/02/21 |
Internet address |